Open source has become an imperative part of every developer’s arsenal. The potential to gather assistance from the community and the capacity to link into a range of systems and solutions make open source incredibly powerful. As open source software becomes ubiquitous, and used by the vast majority of enterprises throughout the world, 2017 is all set for vendors of application delivery controller (ADC) to start providing improved and tighter integration packages for various open source projects, especially surrounding ADC-generated telemetry. Companies have been extensively using their analytics and machine learning capabilities for quite some time to identify actionable patterns from the collected data. With the rising demand for business intelligence, this year is foreseen to be the year of information superiority with businesses, leveraging data as a key differentiator. In the past couple of years, containers have been emerging as an imminent trend. As the business focus starkly shifts on rightsizing of resources, containers are expected to become a common phenomenon, giving businesses the ability to leverage highly portable assets and make the move into micro services much simpler. Adjacently, automation has become essential now. Mostly intensified by DevOps adoption, the automation of software delivery and infrastructure changes have freed developers to spend more time creating and less time worrying about infrastructure.

He continues: “An open source model allows companies to see the assumptions behind the calculation and lowers the cost of entry into the cat modeling business. More importantly, the standardized and interoperable hazard, vulnerability and financial modules included in a true open source model facilitate the collaboration of data from insurers, reinsurers, entrepreneurs, scientists, computer programmers and individuals, all of which may result in a new generation of cat models.”

DevOps is one of the most highly sought skills employers are seeking to fill among 57 percent of respondents in the 2017 Open Source Jobs Report, from Dice and The Linux Foundation. Specifically, firms are looking for developers (73 percent) and DevOps engineers (60 percent).

Longtime Nouveau contributor Karol Herbst has been working on an updated list of project ideas for new contributors or those that may be wanting to participate in an Endless Vacation of Code / Google Summer of Code.

Oracle had already announced it would be moving Java EE to the Eclipse Foundation, and the announcements at JavaOne move the language further to a more vendor-neutral future. It's worth noting that the keynote was preceded by a Safe Harbor disclaimer in which Oracle said it could not be held to plans made during the speech, so nothing is actually certain.

Greg Kroah-Hartman on the behalf of the Linux Foundation Technical Advisory Board has today announced the Linux Kernel Community Enforcement Statement. This statement is designed to better fend off copyright trolls.

Among the copyright troll concerns is how a Netfilter developer has been trying to enforce his personal copyright claims against companies for "in secret and for large sums of money by threatening or engaging in litigation."

The Linux Foundation's Technical Advisory board, in response to concerns about exploitative license enforcement around the kernel, has put together this patch adding a document to the kernel describing its view of license enforcement. This document has been signed or acknowledged by a long list of kernel developers. In particular, it seeks to reduce the effect of the "GPLv2 death penalty" by stating that a violator's license to the software will be reinstated upon a timely return to compliance.

Aaeon has revised its Intel 6th Gen Core based COM-SKUC6 COM Express Type 6 Compact module, which we covered in brief in 2015 as part of Intel’s Skylake announcement, as a new “Kaby Lake” based COM-KBUC6. As you can see from a comparison of the side by side block diagrams below, not much has changed with the new COM-KBUC6 module except for a jump to slightly faster 7th Gen Core processors, once again using the dual-core, 15W U-Series.

Renesas has launched its RZ/G Linux Platform with the industrial-grade Civil Infrastructure Platform (CIP) Super Long-Term Support (SLTS) Linux kernel, which enables Linux-based embedded systems to be maintained for more than 10 years.

The open source software company Red Hat is betting big on the Indian market and plans to take its offerings to tier-2 and tier-3 cities as well as neighbouring Bangladesh and Sri Lanka, as public and private sectors increasingly adopt open source software.

In an effort expose its customers to open source solutions, Alibaba Cloud, the cloud computing arm of Alibaba Group, has entered into a new partnership with Red Hat, a global provider of open source solutions.

In addition becoming part of the Red Hat Certified Cloud and Service Provider program, Alibaba Cloud will soon be able to offer its clients access to Red Hat's offerings, which includes the full range of open source cloud solutions, as well as Red Hat Enterprise Linux. The latter will be offered as a pay-as-you-go model in the Alibaba Cloud Marketplace.

First, ask yourself if you will dedicate the server to Docker containers. If a distribution will only serve up Docker containers, examine the Linux variants created for the specific purpose of deploying containers.

Kubernetes’ perceived edge in the container orchestration market, as young as that market is today, is neither definitive nor definite. Its survival may yet depend on competitors’ ability to match customers’ expectations for the essential requirements for orchestration. In the future, enterprises may look for solutions that are bundled or included with larger platforms, or they may simply accept those solutions once they’ve discovered they were already bundled with the platforms in which they’ve already invested.

Nearly 100 million files are downloaded from the LVFS every month, the majority being metadata to know what updates are available. Although each metadata file is very small it still adds up to over 1TB in transfered bytes per month. Amazon has kindly given the LVFS a 2000 USD per year open source grant which more than covers the hosting costs and any test EC2 instances. I really appreciate the donation from Amazon as it allows us to continue to grow, both with the number of Linux clients connecting every hour, and with the number of firmware files hosted. Before the grant sometimes Red Hat would pay the bandwidth bill, and other times it was just paid out my own pocket, so the grant does mean a lot to me. Amazon seemed very friendly towards this kind of open source shared infrastructure, so kudos to them for that.

At the moment the secure part of the LVFS is hosted in a dedicated Scaleway instance, so any additional donations would be spent on paying this small bill and perhaps more importantly buying some (2nd hand?) hardware to include as part of our release-time QA checks.

Epiphany 3.27.1 was released a short time ago as the first development release of this web-browser for the GNOME 3.28 cycle.

For being early in the development cycle there is already a fair number of improvements with Epiphany 3.27.1. Some of the highlights include Google Safe Browsing support, a new address bar dropdown powered by libdazzle, and improvements to the Flatpak support.

I am pleased to announce that Epiphany users will now benefit from a safe browsing support which is capable to detect and alert users whenever they are visiting a potential malicious website. This feature will be shipped in GNOME 3.28, but those who don’t wish to wait that long can go ahead and build Epiphany from master to benefit from it.

The safe browsing support is enabled by default in Epiphany, but you can always disable it from the preferences dialog by toggling the checkbox under General -> Web Content -> Try to block dangerous websites.

Librarian and privacy advocate Jessamyn West was outraged when she heard about the massive data breach affecting 134 million people at credit reporting agency Equifax. So the Randolph librarian decided to sue the multi-billion dollar company in Vermont Small Claims Court.

West said in her summons to the credit reporting company asserts the company "acted recklessly," and ignored the basics of good data security.

Software Freedom Conservancy congratulates the Linux community for taking steps today to promote principled, community-minded copyleft enforcement by publishing the Linux Kernel Enforcement Statement. The Statement includes an additional permission under Linux's license, the GNU General Public License (GPL) version 2 (GPLv2). The additional permission, to which copyright holders may voluntarily opt-in, changes the license of their copyrights to allow reliance on the copyright license termination provisions from the GNU General Public License version 3 (GPLv3) for some cases 1.

Conservancy also commends the Linux community's Statement for reaffirming that legal action should be last resort for resolving a GPL violation, and for inviting noncompliant companies who work their way back into compliance to become active participants in the community. By bringing clarity to GPLv2 enforcement efforts, companies can adopt software with the assurance that these parties will work in a reasonable, community-centric way to resolve compliance issues.

More than six months after the release of the 4.8 series, the BSD-derived DragonFly BSD operating system has been updated today to version 5.0, a major new stable series that introduces new features and numerous improvements.

Once upon a time there was Crunchbang Linux, and then it was no more, and then the community brought it back to life in another form known as BunsenLabs Linux. This distribution offers a lightweight and easily customizable Openbox desktop.

Based on the recent Linux Kernel Community Enforcement Statement and the article describing the background and what it means , here are some Questions/Answers to help clear things up. These are based on questions that came up when the statement was discussed among the initial round of over 200 different kernel developers.

In my previous post, I wrote about assembling and using the Farnell element 14 Pi-Desktop kit. I limited that post to the basic installation, configuration and use of the Pi-Desktop enclosure itself. Now I am going to look at one of the optional expansion possibilities of that kit, adding an mSATA SSD (Solid State Disk).

The first thing to consider, though, is why you would want to do this. There are three obvious reasons:

KDE Frameworks are 70 addon libraries to Qt which provide a wide variety of commonly needed functionality in mature, peer reviewed and well tested libraries with friendly licensing terms. For an introduction see the Frameworks 5.0 release announcement.

I consider digital painting to be one of my weakest areas of art skills, so I spend a lot of time trying to improve it. Other areas of digital art I’m interested in include CAD, 3d modeling, digital sculpting, vector animation, and pixel art.

Renesas upgraded the Linux stack for its RZ/G SoCs to use CIP’s 10-year SLTS kernel. Meanwhile, the standard LTS kernel will expand from 2 to 6 years.

The Linux Foundation launched the Civil Infrastructure Platform (CIP) project a year ago with the intention of developing base layer, open source industrial-grade software starting with a 10-year Super Long-Term Support (SLTS) kernel. The SLTS kernel is now ready to go, and is being incorporated by Renesas in its RZ/G Linux Platform stack for its ARM-based RZ/G system-on-chips.

With that in mind, Alibaba Cloud, which is the cloud computing arm of eCommerce giant Alibaba Group Holding Ltd., said today that it’s partnering with the open-source software company Red Hat Inc. The alliance sees Alibaba Cloud join the Red Hat Certified Cloud and Service Provider program, which makes it possible for it to offer a range of popular Red Hat products to its customers. These will include the company’s flagship Red Hat Enterprise Linux platform, which will soon be made available via a pay-as-you-go pricing model in the Alibaba Cloud Marketplace.

I said that I was going to start writing these regularly, so I'm going to stick to it, even when the results are rather underwhelming. One of the goals is to make the time for more free software work, and I do better at doing things that I record.

The only piece of free software work for September was that I made rra-c-util compile cleanly with the Clang static analyzer. This was fairly tedious work that mostly involved unconfusing the compiler or converting (semi-intentional) crashes into explicit asserts, but it unblocks using the Clang static analyzer as part of the automated test suite of my other projects that are downstream of rra-c-util.

One of the semantic changes I made was that the vector utilities in rra-c-util (which maintain a resizable array of strings) now always allocate room for at least one string pointer. This wastes a small amount of memory for empty vectors that are never used, but ensures that the strings struct member is always valid. This isn't, strictly speaking, a correctness fix, since all the checks were correct, but after some thought, I decided that humans might have the same problem that the static analyzer had. It's a lot easier to reason about a field that's never NULL. Similarly, the replacement function for a missing reallocarray now does an allocation of size 1 if given a size of 0, just to avoid edge case behavior. (I'm sure the behavior of a realloc with size 0 is defined somewhere in the C standard, but if I have to look it up, I'd rather not make a human reason about it.)

Data sets are everywhere, and because open source communities produce plenty of information in addition to source code, most community infrastructures require tools to support the software development process. Examples include bug-reporting systems such as Jira and Bugzilla, versioning systems such as Git, and code review tools like Gerrit. Although communication also takes place through these tools, most is done through mailing lists, IRC, supporting systems like Discourse, and even Twitter and other social channels (especially for marketing and announcements). In fact, most open source communities utilize at least five or ten tools, if not more.

Join the Opensource.com community for a set of amazing lightning talks you won't want to miss during the All Things Open conference in Raleigh, NC. Speakers have five minutes to enlighten the audience about an open source topic they are passionate about. We've got everything from DevOps and Kubernetes, to wearables, cloud, and more. Grab your lunch, find a seat, warm up your Twitter fingers, and get ready for the fastest hour at All Things Open 2017. Share your favorite thoughts using hashtage #ATO2017.

Maintenance is a good idea for every website, but it's a requirement for websites using open source code. The upside of open source is that everyone can participate. The downside is that means keeping up with everyone's changes. Code gets patched, which causes other code to stop working and need patches in turn. Exploits are found and then blocked. Fancy new features are developed, and your users want them. All of this means you need to keep up! The most important weapon to combat these forces is maintenance. Maintenance is a simple process, but there are basic mistakes that many people make at least once. Avoid these and you'll be well on your way to a safer, cleaner website that isn't a huge pain to keep running.

[...]

Even if you could do better, are you being paid to rewrite something that's already mostly working? If you're frustrated enough to take it on as a hobby project, is that what you want to spend your weekend on? GitHub is chock full of not-all-that-unique content management systems (CMSes) and static site builders. Most of them are abandoned, clones of more popular systems, or both. Don't be yet another one.

Satellite images of rural towns, sprawling woodlands and grooved mountainsides fill the computer screens as homeowners and students scroll across digital maps.

This group of a few dozen people gathered on Friday at the Perry Castenada Library on the University of Texas at Austin campus for a four-hour disaster relief mapathon to bolster humanitarian efforts in Puerto Rico, where 91 percent of the island is still without electricity, and Mexico, which was ravaged by a 6.1 earthquake.

At Google I/O 2017, Google announced the newly added support for Kotlin programming language in Android, along with the existing languages Java and C++. As per the experts, Kotlin came as a breath of fresh air in Android development ecosystem to make “Android development faster and more fun. But, what about the numbers? How many developers are making a shift to Kotlin? Let’s find out.

A decade after their release, Microsoft Office 2007 and Outlook 2007 today fell out of extended support. Gaze teary-eyed at your installation discs. The software has entered the Long Dark Tea-Time of the Soul.

The cutoff has been coming for some time, of course, but if you're of a nostalgic bent, the Outlook 2007 epitaph is here, and the somewhat longer (with more dates to absorb) Office 2007 farewell is here.

With extended support ending for both 2007-era families, no new features, bug fixes, security patches, nor support, will be available in future for the programs.

The WPA2 protocol which is widely used to secure WiFi traffic is at risk from multiple vulnerabilities, collectively referred to as "KRACK Attacks" that were publicly disclosed on Oct. 16

"Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted," the vulnerability disclosure warns."The attack works against all modern protected Wi-Fi networks."

KRACK is an acronym for Key Reinstallation Attacks, which were discovered by security research Mathy Vanhoef and Frank Piessens working at Belgian University KU Leuven. The researchers have disclosed the details of the KRACK attack in a research paper and plan on discussing it further in talks at the Computer and Communications Security (CCS) and Black Hat Europe conferences later this year.

Most of you would have noticed already, but most of GNOME modules have been updated to their 3.26.1 release. This means that Ubuntu 17.10 users will be able to enjoy the latest and greatest from the GNOME project. It’s been fun to follow again the latest development release, report bugs, catch up regressions and following new features.

GNOME 3.26.1 introduces in addition to many bug fixes, improvements, documentation and translation, updates resizeable tiling support, which is a great feature that many people will surely take advantage of! Here is the video that Georges has done and blogged about while developing the feature for those who didn’t have a look yet: